PaulDotCom mailing list archives
A couple of security avoidance techniques
From: Jon Creasey <jon-pauldotcom () torturedjellybaby co uk>
Date: Mon, 04 Oct 2010 20:14:08 +0100
Pauldotcom Collective, While carrying out some security examination for a client i have come across two methods they use for secondary validation. The premise is that if you are on a trusted network the encryption and lockdown software will relax slightly (Still full disk encryption and MAC based authentication). However the secondary method used is either ping to a host of intranet.corp.bob or a ping to specific IP's that are embedded in the security client. i.e if 10.10.10.10 doesn't respond you aren't on our network. What i'm therefore looking for to prove this is as much use as a chocolate fireguard is a way of spoofing all DNS requests to *.bob to return an IP address under my control that can be set to respond to ICMP and also some sort of way of responding to any ping request with a yes even if it's not pingable in reality. Over to the collective. Jon _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- A couple of security avoidance techniques Jon Creasey (Oct 04)